Try our training for free.

Gain instant access to our entire IT training library for 1 week. Train anytime on your desktop, tablet, or mobile devices.

This Cisco video training with Jeremy Cioara covers troubleshooting Cisco networks, including topics such as IOS tools, VLANs and spanning trees, router performance issues, and more....
This Cisco video training with Jeremy Cioara covers troubleshooting Cisco networks, including topics such as IOS tools, VLANs and spanning trees, router performance issues, and more.

Related area of expertise:
  • Cisco networking level 2

Are you ready to run a Cisco network?  You will be, once you pass your TSHOOT exam. TSHOOT is the final step for earning Cisco's CCNP certification.  Employers trust that CCNP certified staff have the vital, problem-solving skills their network needs.

With tech guru Jeremy Cioara in the virtual chair next to you, you'll get the training you need super-fast, and you'll love every minute of it!  His TSHOOT video course is 80-90% hands-on, and Jeremy's filled it with tons of unscripted, real-world troubleshooting demonstrations.

By the time you're done watching, you'll be ready for the TSHOOT exam and actively troubleshooting your own network.
1. TSHOOT: Setting Your Expectations (16 min)
2. General TSHOOT: The Troubleshooting State of Mind (28 min)
3. General TSHOOT: Troubleshooting Before You're Treading Water - Proactive Steps (18 min)
4. General TSHOOT: Troubleshooting Before You're Treading Water - Proactive Steps, Part 2 (39 min)
5. General TSHOOT: IOS Tools to Monitor and Maintain the Network (27 min)
6. General TSHOOT: IOS Tools to Monitor and Maintain the Network, Part 2 (56 min)
7. Switch TSHOOT: VLANs and Spanning Tree Concept Review (19 min)
8. Switch TSHOOT: VLANs and Spanning Tree (30 min)
9. Switch TSHOOT: VLANs and Spanning Tree, Part 2 (28 min)
10. Switch TSHOOT: L3 Switching and Redundancy Protocols Concept Review (21 min)
11. Switch TSHOOT: L3 Switching and Redundancy Protocols (36 min)
12. Switch TSHOOT: L3 Switching and Redundancy Protocols, Part 2 (27 min)
13. Route TSHOOT: L3 Connectivity and EIGRP Concept Review (23 min)
14. Route TSHOOT: L3 Connectivity and EIGRP (48 min)
15. Route TSHOOT: L3 Connectivity and EIGRP, Part 2 (37 min)
16. Route TSHOOT: L3 Connectivity and EIGRP, Part 3 (19 min)
17. Route TSHOOT: OSPF and Route Redistribution Concept Review (23 min)
18. Route TSHOOT: OSPF and Route Redistribution (41 min)
19. Route TSHOOT: OSPF and Route Redistribution, Part 2 (29 min)
20. Route TSHOOT: BGP Concept Review (18 min)
21. Route TSHOOT: BGP (26 min)
22. Route TSHOOT: Router Performance Issues Concept Review (28 min)
23. Route TSHOOT: Router Performance Issues (43 min)
24. Security TSHOOT: Access List Concept Review (17 min)
25. Security TSHOOT: Access List Chaos (62 min)
26. IPv6 TSHOOT: IPv6 and IPv6 Routing Protocols (21 min)

TSHOOT: Setting Your Expectations

General TSHOOT: The Troubleshooting State of Mind

General TSHOOT: Troubleshooting Before You're Treading Water - Proactive Steps

General TSHOOT: Troubleshooting Before You're Treading Water - Proactive Steps, Part 2

General TSHOOT: IOS Tools to Monitor and Maintain the Network

General TSHOOT: IOS Tools to Monitor and Maintain the Network, Part 2

Switch TSHOOT: VLANs and Spanning Tree Concept Review


OK. It's time to get into the actual technical material. But before we get into the troubleshooting itself, for each one of these concepts, I'm going to do a little bit of review. The first one of these is going to be focused on VLANs and Spanning-Tree.


So we're going to do a brief concept review of each one of these, you can see VLANs and Spanning-Tree, and then talk about just some key troubleshooting commands that can help you out along the way. Let's start off talking about VLANs. VLANs are still, to this


day, one of my favorite things to talk about, especially when you get to the CCNA person who comes in and is a little kind of fuzzy as to what a VLAN even is. The fun part is everybody has heard of it. It's like subnetting. Everybody has heard of subnetting. They kind of have that nervous fear of it. It always


goes like this. I ask a class, "OK. How many of you have heard of VLANs?" and almost every hand goes up. They're, "Oh, I've heard. Oh yes, we use it. We use VLANs. VLANs are everywhere." It's kind of like this kind of popcorn response. I go, "Yes, yes, yes. Well, let me tell you what it is." And I just go to


the board and I just draw a simple little, there is a switch. You bought it at Best Buy for 15 bucks. Actually, a little more than that if it supports VLANs. But it's a four-port switch, and if I break it into VLANs, let's say I put the two ports on the left into one VLAN and the two ports on the right on another VLAN, it's as if I took that switch over my knee and went, "Aah, snap!" and broke it in half, and everybody goes, "Oooh!" And now I've got two working switches. That's what a VLAN is. It


actually totally breaks apart the different pieces of the network. And everybody, "Oh." I'm telling you that that's one of those things that just resonates with everybody. They get it. And then I expand out and I say, "OK. Well, a VLAN, when you do that,


as if they're in their own logical group, a broadcast within a VLAN stays in a VLAN. They've got their own IT subnet." And of course, you start expanding on all these terms because these are CCNA people. You don't want to melt them. But here I'm talking


to you at the end of the TSHOOT series, or into the TSHOOT series, I should say, at the end of the CCNP track, and you guys got this to where this is what VLANs are all about. You can put security boundaries. I mean what network doesn't use VLANs? You know what


they're all about. So VLANs can transcend switches through trunk ports, which is a Cisco word. Every other vendor calls them a tagged port, and I like that word better because it reflects what they do, which is they keep the 802.1Q tagged on there, which is the only industry-standard tagging language, ISL is dead, and that tag stays on there. And so if


this guy sends a broadcast, that's how all these other switches know, "Oh, you're sending a broadcast. It belongs to the red VLAN. I got it," and that goes to all the right ports. You can have up to 4,096 VLANs, although not every switch supports that many active VLANs. They should all support those VLAN numbers.


VTP, which is the VLAN Trunking Protocol, should have been called the VLAN Replication Protocol. Cisco is really trying to steer away from this nowadays because the best practice says you should not create VLANs on switches where they don't belong. Whereas


VTP replicates all your VLANs to all the different switches in the organization, whether it belongs there or not. Now speaking of best practices, everything is changed in recent years, as you probably have seen, and no longer is it considered a good practice to have VLANs spanning the entire organization. It used


to be, let's say this was company let me put my pen on the right Layer here this is company A. It used to be that you could have VLAN 10 and VLAN 10 would go campus-wide. No matter where you were in that campus, if you were in VLAN 10, you were on the same subnet. It works well for things like wireless, for voice over IP, like span the entire campus. It


was great. Nowadays, Cisco says you can't do that or you shouldn't do that. Nowadays, Cisco says you should be using something called local VLANs. And that's where VLANs are constrained to a wiring closet, to where, let's say this is building A and you have this wiring closet with a couple Layer of three switches, a couple access Layer switches and then your clients. VLAN 10 should stay within this block. It should not move across these, and the main


reason for that is because Cisco now recommends Layer 3 everywhere. You've got Layer 3 from your distribution Layer switches to your core Layer, so that's a point-to-point link. You've got Layer 3 between, well, if you can do it, between your distribution Layer and your access Layer even to where literally, you've got point-to-point LAN we'll call them LAN links everywhere because now you can use routing protocols rather than Spanning-Tree to converge. And routing protocols can always be faster than Spanning-Tree


could. So that moves you into this local VLAN design to where VLANs are now constrained into the wiring closet. Doing these reviews are kind of funny because I'm thinking, "How can I explain everything about VLANs in five minutes or less?" I mean the good news is I know I'm preaching to the choir. You


guys know what VLANs are all about. So let me talk a little bit about some key troubleshooting commands kind of a mindset when you're troubleshooting VLANs. The beauty of VLANs is it's primarily Layer 2 and below. So when you're thinking about things, you're doing commands like "show mac-address-table" to see what MAC addresses have been learned on a port, what VLAN they are associated with. You're doing a "show vlan" which shows all of the VLANs


that are created on the switch and what ports have been assigned to the specific VLANs. I'm telling you, when I was troubleshooting VLANs, that's one of the first commands I type. Give me a list of the VLANs because it's one thing to have the port assigned to it and it's another thing for the VLAN to actually exist.


I can't tell you how many times I'm troubleshooting something, a computer has no connectivity, and I don't actually have physical access to the switch so I can't see the amber light blinking above the port, but I'm going, "What's the deal? What's the deal?" and I find out that this port has been made a member of a VLAN that actually has not been added to that switch. And the weird


thing is the port just disappears. I mean it doesn't show up. When you do "show vlan," it's not listed there. It's in the running config, sure, but if the VLAN doesn't exist, then it says that the Layer 2 fabric that the computer sits on is gone, that the little blanket that it's sitting on has been whisked out from underneath so it can't talk to anything. So the "show vlan" command


shows both of those things: the VLAN has been created and that the port has been assigned. "Show interface switchboard," this one is really useful for finding out trunk ports, for example, especially you want to find out which ports are configured in that dynamic mode, that mode that we all love to hate, the dynamic mode where it flips between access and trunk that will show which ones are dynamic mode. It will show trunk ports. It will show


what ports are going to cross there. A matter of fact, let me jump on here real quick. For trunk ports, I love this one, "show interface trunk" allows you to see which interfaces are configured as trunk ports as well as what VLANs they are affording. So if for instance, if you have chosen to restrict


what VLANs go across the trunk interface, which is a good practice, you're able to see that information right here. So maybe a VLAN is not working as you would expect on a switch. You want to make sure that it's been added to the trunk port on both sides and that's a great command to do it right there. This is a little


known command and I've actually only used this once or twice in the real world, but it's very handy when you do: traceroute MAC. You guys know what a traceroute is, right, to where I'm sitting at a PC and I want to find out what routers I'm going through on the way to You can actually do a trace


and it will show you every hop. Well, traceroute MAC is something that's supported on Cisco switches, and I emphasize that because it relies on the Cisco Discovery Protocol. If I have a bunch of switches daisy chained together and I want to know what switches I'm going through to reach a specific MAC address, that's where this comes in. Pretty sweet, huh? So that's a great way to kind


of do a trace through your Layer 2 infrastructure. Again, the only requirement is that all those switches in that chain have CDP enabled. Now I know everybody is like, "Well, isn't CDP a bad security practice?" I don't know. I've got to be honest. If you read Cisco documentation,


you'll find one document that's saying, "Yes, turn off CDP. You don't want people finding out about CDP blah, blah, blah." But then you'll find another document that says, "Oh yes, leave CDP on. It's not a bad deal." And a matter of fact, nowadays, it's


recommended to turn it on on any interface that's connecting to an IP phone because it's useful for negotiating power requirements and transmitting voice VLAN information. I mean there is a lot that CDP can do. So I will be honest, I totally leave it on everywhere


in the company. It's just it's too handy of a protocol to turn off. But that being said, you may end up with a security auditor coming in saying, "Hey, CDP, bad practice." Whatever. So do what your organization's security requirements and policies have told you to. So


now let's move into my fly-by review of Spanning-Tree, probably one of the toughest concepts for the entry level person to get. And I always tell people, again, I talk about how do I teach this at the CCNA level. When I get to Spanning-Tree, I am head honest. I say this is one of the toughest concepts for me to


teach, and I always emphasize it's not because the concept is complex. I mean it kind of is, but I mean if you think about it, Spanning-Tree, it's so simple. You're going, "What's up with the tree?" Well, that's the whole concept, right? All Spanning-Tree does is find, "Oh, looks like there is a redundant link that could cause a broadcast storm. Boom. Let's drop a tree on it."


That's Spanning-Tree and you've got this little gap here now. It breaks the link. It brings that continuity to where you don't have the loop in the network. That is Spanning-Tree in all its glory. And I always say that's why it's the toughest concept for me to teach is because that's all there is to it, but now we're going to talk about that for hours because this is not what your networks look like. You don't have a network with two


switches connected with a redundant link. You have a network that has 50 switches, and this one connects to this one and this one connects to this one and that one connects to that one and that one loops back here and this one connects over here. And then you have to say, "OK. Well, how does Spanning-Tree stop


that? Well, why did it block that link? Why did it choose not to block that link?" And then people go, "Oh, OK. That's why it's so complex." And I kind of, I will be dead honest with you, I hate teaching Spanning-Tree just because it's so full of just, like, boring details and, "Oh, here is what a BPDU is. And I


know some of you are, like, "Well, BPDUs are important." Totally. I totally bond with you. BPDUs are important. It's Rapid Spanning-Tree. It is important. Root bridges are important but it's just concept after concept after concept that it's all focused on just blocking that link and it's just because our networks are so complex, we need all of these complex concepts for it. One of the big


things you want to remember about Spanning-Tree is that there are multiple flavors of it. And I don't know if this is real, it would freak me out if it is, but these flavors of Pringles, I know there is, like, every flavor of Pringle under the sun. Matter of fact, I got Seven-Layer Taco Dip Pringles not too long ago. They were really gross. But this is actually Soft-Shell


Crab Pringles, Grilled Shrimp Pringles, and Seaweed Pringles. That would freak me out to see that in somebody's cabinet. But nonetheless, three flavors of Spanning-Tree. The original Spanning-Tree protocol, great at blocking loops but extremely slow by today's standards, up to 50 seconds to reconverge just because the link went down to find a new way to the root bridge. So Spanning-Tree,


it is still alive and well and in networks everywhere, but I would say if it's in your production network, like data center, get it out. You want to move over to Rapid Spanning-Tree. Rapid Spanning-Tree, I would say fairly new in terms of the switch world. It's kind of funny. I was doing this indiscernible where


I actually pulled the switch out of a customer network that we were just replacing. It was CatOS. It was just old. And I threw it up on my desk and I was looking at it, and I kind of blinked twice because I looked at the label and it actually said, right on it, I mean seriously, it was a 48-port it's still sitting in my garage CatOS switch. It was like, I want to say 2948. And right on the lower right-hand corner, it said 10/100/1000 Ethernet. And I'm sitting there looking at it, and I go, "Seriously?


That's a Gigabit switch? 48 ports of Gigabit?" And I sat there scratching my head. I powered up. Sure enough, it's Gigabit. And I'm thinking, "Now wait a second. That thing is running CatOS? Gigabit Ethernet?" I'm, like, "Has Gigabit Ethernet been out that long? I guess it has." And that's the thing, is I started


thinking about why do we not run Rapid Spanning-Tree everywhere? Well, we still have 10/100 switches from a decade ago, I mean literally, 10 years ago, that are running just fine in people's network. They don't support Rapid Spanning-Tree but they're working


fine. And to really run Rapid Spanning-Tree and get all the benefits, you got to run Rapid Spanning-Tree everywhere. So Rapid Spanning-Tree, the great thing about it is that it remembers the block link, whereas Spanning-Tree, let's say we've got our typical Spanning-Tree network right here, redundant link. This is the root bridge.


This is our redundant link. Well, Spanning-Tree forgets about this, so if one of these links dies, it has to kind of rediscover that and put it through the blocking, listening, learning, and all of those process. Whereas Rapid Spanning-Tree goes, OK, I blocked that link but I'm marking it as a redundant backup link.


And should something terrible happen and I lose my primary, I immediately know that that is a backup and I'm going to make it active. So it makes Rapid Spanning-Tree much faster than the original. Multiple Spanning-Tree is a way of grouping Spanning-Tree instances. You may know that


Cisco does not actually run Spanning-Tree and Rapid Spanning-Tree. They run per PV Spanning-Tree and PV Rapid Spanning-Tree, which, you remember, stands for Per-VLAN. Well, that's great until you have 50 VLANs and your switch is just dying because it's got a Spanning-Tree instance on each one of those. Multiple Spanning-Tree allows you to group Spanning-Tree


instances together to where, let's say I've got that was odd. Everything froze for a moment. I've got my typical Spanning-Tree instance right here. I've got 50 VLANs. Well, I can say one instance of Spanning-Tree is running for 25 VLANs and that's the root bridge for that. And then one instance of Spanning-Tree is running


for the other 25 VLANs, and that's going to be the root bridge for that. So I run essentially two instances of Spanning-Tree for my 50 VLANs instead of 50 instances all doing pretty much the same thing. So now let's blend all that into the key troubleshooting for Spanning-Tree.


First off, let me just set the TSHOOT exam aside for a moment and talk about real world. If you have a Spanning-Tree loop in your network, people go, "What do you do?" You do what we all do. You run nil. You run. I mean Spanning-Tree is one of those bad-day scenarios


where I mean the switch lights are blinking like mad. You can't access them via Telnet, sometimes SSH, because they're frozen. The processor is pegged. Switches are going down and rebooting computers. I mean the network is useless. Your servers are down.


Computers are down. It's not good. You run into the server room and you just start unplugging cables, really focusing on your inner switch links first and then focusing on the PCs, if you believe that's where a loop is coming from. What I usually do is start unplugging one major switch at a time and find out where the madness stops to where I can at least tell what switch. I


mean sometimes the chassis-based switches are huge with a lot of connections, but at least it will focus me on which switch then I focus on the module then I say, "OK. Here is the cable that's doing it. Let's trace this and find out who caused this whole thing." And unfortunately, it's usually something that


you plugged in a couple of weeks ago and totally forgot about and someone did a no-shut somewhere at some point. That aside, they're not going to have, of course, a complete network outage on the TSHOOT exam because you have to be able to access the devices. So what you'll want to do is first off, check out "show


spanning-tree. "Show spanning-tree" is your quick view of the Spanning-Tree network. It will show you what interface statuses are, what your current bridge ID is, what interfaces are blocked, what are forwarding, designated ports, backup ports, all those kind of things. It will tell you who the root bridge is in the


network, the priority, just a ton of information, and it will show it for every single VLAN. This one is, I don't use this too often but it's good, "show spanning-tree interface detail." And this is, by the way, a variable to where you put in whatever interface you want to focus on. That will show you the actual


cost of that interface. It will show you again the bridge ID, the root bridge ID, is this the interface that helps you reach the root, all the kind of how many BPDUs you're setting on that port, just a lot of kind of nitty-gritty troubleshooting that you can get. This


one, I kind of threw this one in here, not directly related to Spanning-Tree, but if the switches are accessible and you suspect it's Spanning-Tree loop, do a "show process cpu." Spanning-Tree loops don't always take out the entire network, although they can, depending on the severity of the loop. So if you're looking


at your CPU processes and you're at 90% and you're typically running around 5-10%, usually a Spanning-Tree issue at that point. I mean if you're just staying pegged, there is a loop in the network. And remember, when you have a loop, I mean when you've got a couple of switches I'll just draw up a quick scenario here and you get a loop in the network, you have immortal packets.


Everybody thinks, "Oh, well, they'll die eventually because of the TTL." No. TTL is a Layer 3 field in the header. The only thing that decrements the TTL, the Time to Live, is a router. And if there are no routers in the picture, then you've got a packet that will live forever and ever, looping around and around and around, taking the network out. So again, when you do that


"show process cpu", if it's just steady, pegged, a lot of times, you can go, "OK. Something is up and it's probably Spanning-Tree." So it's kind of like, "Well, what's that command for? Hmm." Yes. Go through and literally start shutting down again, I would start focusing on do a quick "show cdp neighbors," see what's ports are connected to what if you don't have a network diagram. Shut


down the interfaces that are connecting neighbors and see if the processor suddenly drops because you may just strike gold and hit the port that is looping. Well, that should get our blood flowing on VLANs and Spanning-Tree, looking at the concept review to some of the key troubleshooting aspects for each one of these technologies. So let's now move

Switch TSHOOT: VLANs and Spanning Tree

Switch TSHOOT: VLANs and Spanning Tree, Part 2

Switch TSHOOT: L3 Switching and Redundancy Protocols Concept Review

Switch TSHOOT: L3 Switching and Redundancy Protocols

Switch TSHOOT: L3 Switching and Redundancy Protocols, Part 2

Route TSHOOT: L3 Connectivity and EIGRP Concept Review

Route TSHOOT: L3 Connectivity and EIGRP

Route TSHOOT: L3 Connectivity and EIGRP, Part 2

Route TSHOOT: L3 Connectivity and EIGRP, Part 3

Route TSHOOT: OSPF and Route Redistribution Concept Review

Route TSHOOT: OSPF and Route Redistribution

Route TSHOOT: OSPF and Route Redistribution, Part 2

Route TSHOOT: BGP Concept Review


Route TSHOOT: Router Performance Issues Concept Review

Route TSHOOT: Router Performance Issues

Security TSHOOT: Access List Concept Review

Security TSHOOT: Access List Chaos

IPv6 TSHOOT: IPv6 and IPv6 Routing Protocols

Please help us improve by sharing your feedback on training courses and videos. For customer service questions, please contact our support team. The views expressed in comments reflect those of the author and not of CBT Nuggets. We reserve the right to remove comments that do not adhere to our community standards.

comments powered by Disqus
Intermediate 13 hrs 26 videos


Basic Plan Features

Speed Control
Included in this course
Play videos at a faster or slower pace.

Included in this course
Pick up where you left off watching a video.

Included in this course
Jot down information to refer back to at a later time.

Closed Captions
Included in this course
Follow what the trainers are saying with ease.

Files/materials that supplement the video training

Premium Plan Features

Practice Exams
These practice tests help you review your knowledge and prepare you for exams.

Virtual Lab
Use a virtual environment to reinforce what you are learning and get hands-on experience.

Offline Training
Included in this course
Our mobile apps offer the ability to download videos and train anytime, anywhere offline.

Accountability Coaching
Included in this course
Develop and maintain a study plan with assistance from coaches.
Jeremy Cioara
Nugget trainer since 2003